Senior Principal Product Security Engineer
Vantive is a vital organ therapy company on a mission to extend lives and expand possibilities for patients and care teams everywhere. For 70 years, our team has driven meaningful innovations in kidney care. As we build on our legacy, we are deepening our commitment to elevating the dialysis experience through digital solutions and advanced services, while looking beyond kidney care and investing in transforming vital organ therapies. Greater flexibility and efficiency in therapy administration for care teams, and longer, fuller lives for patients— that is what Vantive aspires to deliver.
We believe Vantive will not only build our leadership in the kidney care space, it will also offer meaningful work to those who join us. At Vantive, you will become part of a community of people who are focused, courageous and don’t settle for the mediocre. Each of us is driven to help improve patients’ lives worldwide. Join us in advancing our mission to extend lives and expand possibilities.
Description
As Principal\Sr Principal Engineer, own and direct the cybersecurity design and analysis of multiple medical devices. Resolve difficult problems, from conception to final design with team input. Plan, lead, and deliver project assignments in the evaluation, selection and adaptation of various cybersecurity engineering techniques, procedures, and criteria with minimal guidance.
Contributes to a cybersecurity vision that aligns with the organization's vision and strategic plan. Utilizes solid understanding of device and system connectivity concepts in a medical device domain. Provides direction to technical team members that are accountable for implementing cybersecurity, integration, and connectivity deliverables. Exhibits creativity and innovation in completing divisional and cross-functional/business unit goals and objectives.
Essential Duties and Responsibilities
· Create system requirements, architectures, risk analysis and other specifications that define the cybersecurity functionality of medical device systems both embedded and hosted.
· Create threat models of medical device systems and the interfaces between medical devices.
· Perform vulnerability scanning of medical device systems and analyze results.
· Monitor threat intelligence and analyze CWEs and CVEs that affect medical device systems and propose solutions.
· Collaborate with the cross functional team, primarily software, in the implementation of cybersecurity functionality.
· Contribute to external communications (bulletins, FAQs, etc.) related to cybersecurity.
· Resolve competing constraints between interrelated functions (Engineering, Risk Management, Compliance, Clinical, Human Factors, Regulatory, Marketing, Service).
· Ensure compliance to the product development process and Quality System and Design Control requirements.
· Work with regulators to ensure regional needs are met.
Qualifications for this role
· Experience with threat modeling, penetration testing, fuzz testing, vulnerability scanning, secure code analysis.
· Experience with cybersecurity related software such as Blackduck, Coverity, or equivalent China specific software etc.
· Experience dealing with threat intelligence, CWEs and CVEs.
· Familiarity with cybersecurity related organizations and certifications such as UL (UL-2900), ICS-CERT, FIPS 140, etc.
· Experience with cybersecurity functionality on embedded systems and hosted software applications.
· Requires strong organization and communication skills, with the ability to interface with both technical and non-technical personnel.
· Ability to convince management on courses of action with minimal assistance using both written and verbal methods.
· Must be able to provide solutions that reflect understanding business objectives.
· Medical device experience a plus.
Education and Experience
BE /B Tech or ME /M Tech with 8+ years of related experience.
Reasonable Accommodation
Vantive is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please click on the link here and let us know the nature of your request along with your contact information. Form Link
Recruitment Fraud Notice
Vantive has discovered incidents of employment scams, where fraudulent parties pose as Vantive employees, recruiters, or other agents, and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself, review our Recruitment Fraud Notice.
Address
12F New Bund International Plaza, #90 Qirong Road Shanghai 200124 Shanghai China Explore this location
- Lider de Manufactura México, Mexico
- Plant Manager México, Mexico
- FIELD SERVICE SPECIALIST Atlanta, Georgia
